Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Use-After-Free, Out-of-bounds Write and Heap-based Buffer Overflow vulnerabilities exist in the DWG and DXF file reading procedure in SOLIDWORKS Desktop from Release SOLIDWORKS 2021 through Release SOLIDWORKS 2023
Vulnerability Description
Use-After-Free, Out-of-bounds Write and Heap-based Buffer Overflow vulnerabilities exist in the DWG and DXF file reading procedure in SOLIDWORKS Desktop from Release SOLIDWORKS 2021 through Release SOLIDWORKS 2023. These vulnerabilities could allow an attacker to execute arbitrary code while opening a specially crafted DWG or DXF file.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
释放后使用
Vulnerability Title
SolidWorks 资源管理错误漏洞
Vulnerability Description
SolidWorks是SolidWorks公司的一个运行在微软Windows平台下的三维CAD软件。 SolidWorks 2021版本至2023版本存在安全漏洞,该漏洞源于文件读取过程中存在释放后重用、越界写入和基于堆的缓冲区溢出漏洞,可能允许攻击者打开特制的DWG或DXF文件时执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A